<?php

include "dbconnect.php";
include "functions.php";
include "header.php";
check_rights(USER);
 
?>

<html>

<head>
<title>Kasutajate andmebaas</title>
</head>

<body bgcolor=AliceBlue text=DarkGoldenRod link=DarkSlateGray></body>


<h1>Kasutajate registreerimise vorm</h1>
<h3>* on kohustuslik</h3>
<form action=<?php echo $_SERVER['SCRIPT_NAME']; ?> method=post>

<table border=1>

<tr>
  <td>Kasutajanimi:*</td>
  <td><input type=text name=insert_username value=<?php echo $_GET['insert_username'] ?>></td>
</tr>
<tr>
  <td>Salasõna:*</td>
  <td><input type=password name=password value=<?php echo $_GET['password'] ?>></td>
</tr>
<tr>
  <td>Eesnimi:</td>
  <td><input type=text name=firstname value=<?php echo $_GET['firstname'] ?>></td>
</tr>
<tr>
  <td>Perenimi:</td>
  <td><input type=text name=name value=<?php echo $_GET['name'] ?>></td>
</tr>
<tr>
  <td>Auaste:</td>
  <td><input type=text name=title value=<?php echo $_GET['title'] ?>></td>
</tr>
<tr>
  <td>Sugu:</td>
  <td>
  <select name=sex>
  <option></option>
  <option>M</option>
  <option>F</option>
  </select>
  </td>
  </tr>
<tr>
  <td>E-post:</td>
  <td><input type=text name=email></td>
</tr>
<tr>
  <td>Keele eelistus:</td>
  <td>
  <select name=language>
  <option></option>
  <option>Eesti</option>
  <option>Vene</option>
  <option>Inglise</option>
  <option>Soome</option>
  </select>
  </td>
</tr>
<tr>
  <td>Õigused:</td>
  <td> Kasutaja = 2, Mode = 3, Admin = 4 </td>
  </tr>

<tr>
  <td>Õigused:*</td>
  <td>
  <select name=level>
  <option></option>
  <option>2</option>
  <option>3</option>
  <option>4</option>
  </select>
  </td>
</tr>
<tr>
  <td>Märkus:</td>
  <td><textarea name=comment cols=25 rows=7>Siia sisesta oma kommentaarid</textarea></td>
</tr>
<tr>
  <td>Uudiskiri:</td>
  <td><input type=checkbox name=newsletter value=1></td>
</tr>
<tr>
  <td>Aktiivne:</td>
  <td>
  Aktiivne: <input type=radio name=status value=y checked>
  Passiivne: <input type=radio name=status value=n>
  </td>
</tr>
</table>
<input type=submit name=nupp value=Sisesta>
<input type=reset value="Algseis tagasi">
</form>
</html>
<?php
    
    
  //print_r($_POST);
  //echo $_POST['username'];
  
  #let's make strings secure
  foreach($_POST as $key => $val)
  {
    $_POST[$key] = str_secure($_POST[$key]);
  }
  $query = "SELECT * FROM logimine ";
  $result = @mysql_query($query);
  $row = mysql_fetch_assoc($result);
  
  if($_POST['nupp'] == "Sisesta" AND $_POST['insert_username'] == $row['username'])
  {
  echo "Kasutajanimi on juba käigus. Vali uus","<p>";
  echo $_POST['insert_username'], "<p>", $row['username'], "<p>";
  
  }
  elseif($_POST['nupp'] == "Sisesta" AND $_POST['insert_username'] == "")
  {
  echo "Kasutajanimi on puudu. Vali uus","<p>";
  echo $_POST['insert_username'], "<p>", $row['username'],"<p>";
  
  }
  elseif ( $_SESSION['login_user']['time'] != $_SESSION['login_user']['time'] )
  {
  echo "See nimi on juba olemas";
  
  }
  else
  {
    #DB query
    $querylisamine = "INSERT INTO logimine SET
    username='".$_POST['insert_username']."',
    password=PASSWORD('".$_POST['password']."'),
    firstname='".$_POST['firstname']."',
    name='".$_POST['name']."',
    title='".$_POST['title']."',
    sex='".$_POST['sex']."',
    email='".$_POST['email']."',
    language='".$_POST['language']."',
    level='".$_POST['level']."',
    comment='".$_POST['comment']."',
    newsletter='".$_POST['newsletter']."',
    deleted='".$_POST['deleted']."',
    adddate=NOW(),
    addperson='".$_SESSION['login_user']['username']."'
    ";
    
    //echo $query;
    
    mysql_query($querylisamine) OR
    die("Ebaõnnestus: " . mysql_error());
    $_SESSION['login_user']['time'] ++; 
    $_POST['insert_username'] = "";
    echo  $_SESSION['login_user']['time'] ; 
  }

//echo "<a href=".$_SERVER['SCRIPT_NAME']."?username=uugu&password=porgand&name=Uugu-Lehmaste>Automaatselt täida väljad</a>";
//print_r($_GET);

echo "<p>",$_POST['insert_username'];
echo "<p>","1", "<p>";
include "footer.php";
    ?>